Sqlalchemy Mako
2 CVEs affecting Sqlalchemy Mako. Latest disclosed: 2026-05-12. Critical: 0, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-41205 | High | 7.5 | 2026-04-23 | Mako is a template library written in Python. Prior to 1.3.11, TemplateLookup.get_template() is vulnerable to path traversal when a URI starts with // (e.g., /… |
CVE-2026-44307 | | 2026-05-12 | Mako is a template library written in Python. Prior to 1.3.12, on Windows, a URI using backslash traversal (e.g. \..\..\ secret.txt) bypasses the directory tra… |